3 Answers
3

As far as I know all SIM card produced during last ~10 years are able to run java. The problem is that you need code can be obtained from the card owner, i.e. the carrier. But carrier will not give you this code unless you are the carrier's partner...

You're completely wrong about javacard. "Native" cards are still very popular and volumes of native are probably higher (considering that China and India use more native). Java card in most countries is still "high end" product.
–
OgreSwampMar 1 '11 at 7:48

I afraid issued cards will be useless for you.
Almost (if not all of them) will be in lifecycle state CARD_SECURED which doesn't allow you to load an applet using GlobalPlatform/OpenPlatform.

In case of SIM cards for the network operator there is a way to load an applet on the Java card - OTA. If Remote Applet Manager applet (part of OTA) is installed and configured applet could be loaded and installed to the SIM using ENVELOPE command (special formated SMS comes to the phone and phone passes them in ENVELOPE command to the card). Unfortunately for you to do that you still need to know keys - card will expect signed or/and encrypted ENVELOPEs. So you'll need keys to do that.

If your interest is just academic - you can always buy java card with some SDK/Tools from some small card manufactures and play with java card. If you want to install something on existing card I'd say it is impossible.

Are the OTA keys equal for all the SIM cards of an operator, or the operator set a different specific key for each SIM card typically? And if we have OTA keys, does we need any device to send those SMS-s directly to the mobile set (And not to the BTS and the to the target mobile set)? or it is possible to use another mobile set to send these kind of SMS-s to another mobile set?
–
AbrahamMar 13 at 18:43

1

OTA keys are card specific. There is no guarantee that card has OTA enabled.
–
OgreSwampMar 15 at 13:13

1

Messages sent to OTA usually have encryption and specific secure headers (spec GSM 03.48).
–
OgreSwampMar 15 at 13:14

1

No, if you read 03.48 you'll find that headers of secured messages are way longer that normal SMS headers. Header contain information about used encryption type, signatures, number of keys used etc.. Google for 03.48 tool - probably you'll find some tools to format those messages. However you'll still need OTA server to send them - you won't be able to send them using your mobile.
–
OgreSwampMar 15 at 13:38

1

Are you sure that the life cycle state is locked for post issuance? (the first line of your answer). As far as I know, in this state the card only respond to the GET STATUS command. I think the state is SECURED for post issuance, right?
–
TheGoodUserApr 8 at 12:34